Microsoft has now released patches for the Foreshadow flaws. The updates are available for all supported versions of Windows 10 and Windows Server.
The Foreshadow/L1TF vulnerabilities are CVE-2018-3615, which impacts Intel’s Software Guard Extensions (SGX); CVE-2018-3620, which impacts operating systems and System Management Mode (SMM); and CVE-2018-3646, which affects virtualization software and Virtual Machine Monitors (VMM).
Microsoft made the updates, all dated 20th August 2018, available on the Microsoft Update Catalog this week.
- Windows 10 version 1803: KB4346084 (Catalog link) – this update replaces KB4100347
- Windows 10 version 1709: KB4346085 (Catalog link) – this update replaces KB4090007
- Windows 10 version 1703: KB4346086 (Catalog link) – this update replaces KB4091663
- Windows 10 version 1607: KB4346087 (Catalog link) – this update replaces KB4091664
- Windows 10 version 1507: KB4346088 (Catalog link) – this update replaces KB4091666
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.